<?php

$__FILEPATH__ = dirname(__FILE__)."/";
require_once($__FILEPATH__."./func_common.php");
require_once($__FILEPATH__."./class_def.php");
require_once($__FILEPATH__."./conf/info.php");

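session_start();

// Only an authenticated session may view or edit a profile; everything below
// trusts $_SESSION["user"] as the account being edited.
if (!isset($_SESSION["user"]))
{
	header("HTTP/1.1 403 Forbidden");
	exit(0);
}

header("Content-Type: text/html; charset=UTF-8");

$mysqli = GetMysqliInstance();


// Current profile of the logged-in user. It stays empty when the lookup fails.
$UserItem = new UserListItem();

// NOTE(review): the password column is loaded into $UserItem although nothing
// visible in this script reads it -- consider dropping it from the select once
// other users of UserListItem are confirmed not to need it.
$stmt = $mysqli->prepare("select username, password, nickname, sex, school, email, imagesrc, intra, ip, rgtime, permission from userlist where username=?");
do
{
	// prepare() returns false on failure; leave $UserItem empty in that case.
	if (!$stmt)
		break;

	$stmt->bind_param("s", $_SESSION["user"]);
	if (!$stmt->execute())
		break;

	$stmt->bind_result($r_username, $r_password, $r_nickname, $r_sex, $r_school, $r_email, $r_imagesrc, $r_intra, $r_ip, $r_rgtime, $r_permission);
	if(!$stmt->fetch())
		break;

	$UserItem->username 	= $r_username;
	$UserItem->password 	= $r_password;
	$UserItem->nickname 	= $r_nickname;
	$UserItem->sex 			= $r_sex;
	$UserItem->school		= $r_school;
	$UserItem->email 		= $r_email;
	$UserItem->imagesrc 	= $r_imagesrc;
	$UserItem->intra 		= $r_intra;
	$UserItem->ip 			= $r_ip;
	$UserItem->rgtime 		= $r_rgtime;
	$UserItem->permission 	= $r_permission;


}while(false);

// Calling close() on a failed prepare (false) would be a fatal error, so only
// close a real statement object.
if ($stmt)
	$stmt->close();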

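// Profile update handler: validates the submitted fields, writes them to
// userlist, then stores the new avatar (if one was uploaded) and its thumbnail.
if(isset($_POST["update"]))
{
		// NOTE(review): nothing visible here verifies an anti-CSRF token before
		// this state-changing request is processed -- confirm one is enforced
		// elsewhere or add one.

		// The account being edited always comes from the session, never from the form.
		$username 		= $_SESSION["user"];

		// Missing fields become "" and non-string values (e.g. nickname[]=x) are
		// rejected, so strlen() and bind_param() below only ever see strings.
		$fields = array();
		foreach (array("nickname", "sex", "school", "email", "intra") as $key)
		{
			$value = isset($_POST[$key]) ? $_POST[$key] : "";
			if (!is_string($value))
				die("<h4 style='color:red'>信息修改失败~~<h4>");
			$fields[$key] = $value;
		}
		$nickname 		= $fields["nickname"];
		$sex 			= $fields["sex"];
		$school 		= $fields["school"];
		$email 			= $fields["email"];
		$intra 			= $fields["intra"];

		// The client-supplied file name is untrusted. An absent upload field counts
		// as "no new image", and a non-string name (array-style upload) is rejected.
		$imagename 		= isset($_FILES['imagefile']["name"]) ? $_FILES['imagefile']["name"] : "";
		if (!is_string($imagename))
			die("<h4 style='color:red'>信息修改失败~~<h4>");

		// NOTE(review): GetFormalImgPath() and JudgeUpLoadImageFile() are defined
		// elsewhere; this script relies on them to constrain the stored path and the
		// file type -- TODO confirm the stored name is derived server-side.
		if ($imagename == "")
			$imagesrc = $UserItem->imagesrc;
		else 
			$imagesrc = GetFormalImgPath($imagename);

		$strsql = "update userlist set nickname = ?, sex = ?, school = ?, email = ?, intra = ?";
		$strsql .= ", imagesrc = ? where username = ?";

		if(Check($nickname, $sex, $school, $intra)
			&& ($imagename == "" || JudgeUpLoadImageFile($_FILES['imagefile'])))
		{
			if ($email != "" && !IsValidEmail($email))
				die("<h4 style='color:red'>电子邮件地址非法<h4>");
			
			$stmt = $mysqli->prepare($strsql);
			// prepare() returns false on failure; report it like any other failed update.
			if (!$stmt)
				die("<h4 style='color:red'>信息修改失败~~<h4>");

			$stmt->bind_param("sssssss", $nickname, $sex, $school, $email, $intra, $imagesrc, $username);
			if ($stmt->execute())
			{
				$stmt->close();
				// NOTE(review): userlist already points at the new image path here; if
				// UploadImage() fails below, the row references a file that was never
				// stored and the success message is still shown.
				if($imagesrc != $UserItem->imagesrc)
				{
					// NOTE(review): replaces every "pic" substring, including any inside
					// the file name itself -- presumably only the directory part is meant.
					$imgMiniSrc = str_replace("pic", "pic_min", $imagesrc);
					if (UploadImage($_FILES['imagefile'], $imagesrc))
					{
						if (file_exists($UserItem->imagesrc))
							unlink($UserItem->imagesrc);
						if (file_exists($imgMiniSrc))
							unlink($imgMiniSrc);
						CreateMiniImage($imagesrc,$imgMiniSrc);

						// The thumbnail path derives from the uploaded file name, so it is
						// bound as a parameter instead of being concatenated into the SQL.
						// Failure stays best-effort, as with the original query() call.
						$stmtMini = $mysqli->prepare("update acmerlist set imagesrc = ? where username = ?");
						if ($stmtMini)
						{
							$stmtMini->bind_param("ss", $imgMiniSrc, $username);
							$stmtMini->execute();
							$stmtMini->close();
						}
					}
				}
				echo "<script type='text/javascript'>alert('恭喜！账号更新成功');window.location=\"./\";</script>";
			}
			else
			{
				$stmt->close();
				die("<h4 style='color:red'>信息修改失败~~<h4>");
			}
		}
		else
			die("<h4 style='color:red'>信息修改失败~~<h4>");
}

$mysqli->close();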


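/**
 * Validate the profile fields submitted by the update form.
 *
 * Nickname and sex are mandatory. All four fields are limited by byte length
 * (strlen counts bytes, not characters), presumably to match the column sizes
 * in userlist -- TODO confirm against the schema.
 *
 * @param string $nickname display name, required, at most 64 bytes
 * @param string $sex      required, at most 8 bytes
 * @param string $school   optional, at most 128 bytes
 * @param string $intra    optional, at most 10000 bytes
 * @return bool true when every field is acceptable
 */
function Check($nickname, $sex, $school, $intra)
{
	// Required fields.
	if ($sex == "" || $nickname == "")
		return false;

	// Length limits. The original tested strlen(intra), a bare constant, so the
	// $intra limit was never enforced (and PHP 8 raises an Error for it).
	if (strlen($sex) > 8
		|| strlen($nickname) > 64
		|| strlen($school) > 128
		|| strlen($intra) > 10000
		)
		return false;

	return true;
}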

?>